vectornguyen76
diff --git a/‎.github/workflows/development_pipeline.yml‎
Lines changed: 43 additions & 5 deletions b/‎.github/workflows/development_pipeline.yml‎
Lines changed: 43 additions & 5 deletions
diff --git a/‎.github/workflows/production_pipeline.yaml‎
Lines changed: 4 additions & 2 deletions b/‎.github/workflows/production_pipeline.yaml‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎.github/workflows/staging_pipeline.yaml‎
Lines changed: 38 additions & 5 deletions b/‎.github/workflows/staging_pipeline.yaml‎
Lines changed: 38 additions & 5 deletions
diff --git a/‎app/__init__.py‎
Lines changed: 4 additions & 2 deletions b/‎app/__init__.py‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎app/controllers/permission_controller.py‎
Lines changed: 9 additions & 0 deletions b/‎app/controllers/permission_controller.py‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎app/controllers/role_controller.py‎
Lines changed: 10 additions & 0 deletions b/‎app/controllers/role_controller.py‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎app/controllers/user_controller.py‎
Lines changed: 10 additions & 11 deletions b/‎app/controllers/user_controller.py‎
Lines changed: 10 additions & 11 deletions
diff --git a/‎app/extention.py‎
Lines changed: 2 additions & 0 deletions b/‎app/extention.py‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎app/models/permission_model.py‎
Lines changed: 1 addition & 1 deletion b/‎app/models/permission_model.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎app/models/user_model.py‎
Lines changed: 1 addition & 1 deletion b/‎app/models/user_model.py‎
Lines changed: 1 addition & 1 deletion
@@ -1,8 +1,46 @@
-name: hello-world
-on: push
+name: development
+on: 
+  pull_request:
+    branches: develop
+
+  push:
+    branches:
+      - develop
 jobs:
-  my-job:
+  build-test:
     runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:13.3
+        env:
+          POSTGRES_USER: db_user
+          POSTGRES_PASSWORD: db_password
+          POSTGRES_DB: db_test
+        ports:
+          - 5432:5432
+        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
     steps:
-      - name: my-step
-        run: echo "Hello World with Github Actions"
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Cache Python dependencies
+        uses: actions/cache@v2
+        with:
+          path: ~/.cache/pip
+          key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
+          restore-keys: |
+            ${{ runner.os }}-pip-
+      
+      - name: Set up Python 3.9
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.9
+
+      - name: Install Python dependencies
+        run: python -m pip install -r requirements.txt
+
+      - name: Unit Tests and Integration Tests
+        env:
+          DATABASE_TEST_URL: postgresql://db_user:db_password@localhost/db_test
+        run: python -m flask tests
+        
@@ -1,5 +1,7 @@
-name: hello-world
-on: push
+name: production
+on: 
+  pull_request:
+    branches: main
 jobs:
   my-job:
     runs-on: ubuntu-latest
 
@@ -1,8 +1,41 @@
-name: hello-world
-on: push
+name: staging
+on: 
+  pull_request:
+    branches: staging
 jobs:
-  my-job:
+  build-test:
     runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:13.3
+        env:
+          POSTGRES_USER: db_user
+          POSTGRES_PASSWORD: db_password
+          POSTGRES_DB: db_test
+        ports:
+          - 5432:5432
+        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
     steps:
-      - name: my-step
-        run: echo "Hello World with Github Actions"
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Cache Python dependencies
+        uses: actions/cache@v2
+        with:
+          path: ~/.cache/pip
+          key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
+          restore-keys: |
+            ${{ runner.os }}-pip-
+      
+      - name: Set up Python 3.9
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.9
+
+      - name: Install Python dependencies
+        run: python -m pip install -r requirements.txt
+
+      - name: Unit Tests and Integration Tests
+        env:
+          DATABASE_TEST_URL: postgresql://db_user:db_password@localhost/db_test
+        run: python -m flask tests
@@ -1,6 +1,8 @@
 import os
 from flask import Flask
-from app.extention import migrate, jwt, cors
+from app.extention import migrate, cors
+from app.utils.auth import jwt
+from app.utils.principal import principal
 from app.utils.logging import configure_logging
 from app.db import db
 from app.blueprint import register_routing
@@ -15,6 +17,7 @@ def create_app(settings_module):
     migrate.init_app(app, db)
     jwt.init_app(app)
     cors.init_app(app, supports_credentials='true' ,resources={r"*": { "origins": "*" }})
+    principal.init_app(app)
     manage.init_app(app)
 
     # Logging configuration
@@ -25,6 +28,5 @@ def create_app(settings_module):
 
     return app
 
-
 settings_module = os.getenv('APP_SETTINGS_MODULE')
 app = create_app(settings_module)
@@ -5,17 +5,23 @@
 from flask_jwt_extended import jwt_required
 from app.schemas.user_schema import PermissionSchema, UpdatePermissionRoleSchema
 
+# Define permissions
+read_permission = Permission(RoleNeed('read'))
+write_permission = Permission(RoleNeed('write'))
+
 blp = Blueprint("Permission", __name__, description="Permission API")
 
 @blp.route("/permission")
 class PermissionList(MethodView):  
     @jwt_required()
+    @read_permission.require(http_exception=403)
     @blp.response(200, PermissionSchema(many=True))
     def get(self):
         result = permission_service.get_all_permission()
         return result
 
     @jwt_required()
+    @write_permission.require(http_exception=403)
     @blp.arguments(PermissionSchema)
     def post(self, qa_history_data):
         result = permission_service.post_permission(qa_history_data)
@@ -24,12 +30,14 @@ def post(self, qa_history_data):
 @blp.route("/permission/<int:permission_id>")
 class Permission(MethodView): 
     @jwt_required()  
+    @read_permission.require(http_exception=403)
     @blp.response(200, PermissionSchema)
     def get(self, permission_id):
         result = permission_service.get_permission(permission_id)
         return result
 
     @jwt_required()
+    @write_permission.require(http_exception=403)
     @blp.arguments(PermissionSchema)
     def put(self, permission_data, permission_id):
         result = permission_service.update_permission(permission_data, permission_id)
@@ -38,6 +46,7 @@ def put(self, permission_data, permission_id):
 @blp.route("/permission-role-update")
 class PermissionRole(MethodView):
     @jwt_required()
+    @write_permission.require(http_exception=403)
     @blp.arguments(UpdatePermissionRoleSchema)
     def put(self, permission_data):
         result = role_permission_service.update_roles_to_permission(permission_data)
 
@@ -5,17 +5,24 @@
 from flask_jwt_extended import jwt_required
 from app.schemas.user_schema import RoleSchema, UpdateRolePermissionSchema
 
+# Define permissions
+read_permission = Permission(RoleNeed('read'))
+write_permission = Permission(RoleNeed('write'))
+delete_permission = Permission(RoleNeed('delete'))
+
 blp = Blueprint("Role", __name__, description="Role API")
 
 @blp.route("/role")
 class RoleList(MethodView):  
     @jwt_required()
+    @read_permission.require(http_exception=403)
     @blp.response(200, RoleSchema(many=True))
     def get(self):
         result = role_service.get_all_role()
         return result
 
     @jwt_required()
+    @write_permission.require(http_exception=403)
     @blp.arguments(UpdateRolePermissionSchema)
     def post(self, qa_history_data):
         result = role_service.post_role(qa_history_data)
@@ -24,18 +31,21 @@ def post(self, qa_history_data):
 @blp.route("/role/<int:role_id>")
 class Role(MethodView):   
     @jwt_required()
+    @read_permission.require(http_exception=403)
     @blp.response(200, RoleSchema)
     def get(self, role_id):
         result = role_service.get_role(role_id)
         return result
 
     @jwt_required()
+    @write_permission.require(http_exception=403)
     @blp.arguments(UpdateRolePermissionSchema)
     def put(self, role_data, role_id):
         result = role_service.update_role(role_data, role_id)
         return result
 
     @jwt_required()
+    @delete_permission.require(http_exception=403)
     def delete(self, role_id):
         result = role_service.delete_role(role_id)
         return result
@@ -1,19 +1,21 @@
 from app.services import user_service
-from flask_jwt_extended import jwt_required, get_jwt, get_jwt_identity, create_access_token
+from flask_jwt_extended import jwt_required, get_jwt
 from flask.views import MethodView
-from flask_smorest import Blueprint, abort
+from flask_smorest import Blueprint
 from flask_principal import Permission, RoleNeed
 from app.schemas.user_schema import *
 
-# Define some permissions
-# admin_permission = Permission(RoleNeed('user_management'))
+# Define permissions
+read_permission = Permission(RoleNeed('read'))
+write_permission = Permission(RoleNeed('write'))
+delete_permission = Permission(RoleNeed('delete'))
 
 blp = Blueprint("User", __name__, description="User API")
 
 @blp.route("/user")
 class UserList(MethodView):  
     @jwt_required()
-    # @admin_permission.require(http_exception=403)
+    @read_permission.require(http_exception=403)
     @blp.response(200, UserSchema(many=True))
     def get(self):
         result = user_service.get_all_user()
@@ -22,26 +24,23 @@ def get(self):
 @blp.route("/user/<int:user_id>")
 class User(MethodView):   
     @jwt_required()
+    @read_permission.require(http_exception=403)
     @blp.response(200, UserSchema)
     def get(self, user_id):
         result = user_service.get_user(user_id)
         return result
 
     @jwt_required()
+    @write_permission.require(http_exception=403)
     @blp.arguments(UserUpdateSchema)
     def put(self, user_data, user_id):
         result = user_service.update_user(user_data, user_id)
         return result
-        
-    @jwt_required()
-    def delete(self, user_id):        
-        result = user_service.delete_user(user_id)
-        return result
 
 @blp.route("/block-user/<int:user_id>")
 class BlockUser(MethodView):     
     @jwt_required()  
-    # @admin_permission.require(http_exception=403)
+    @delete_permission.require(http_exception=403)
     @blp.arguments(UpdateBlockUserSchema)
     def put(self, user_data, user_id):        
         result = user_service.update_block_user(user_data, user_id)
 
@@ -1,7 +1,9 @@
 from flask_migrate import Migrate
 from flask_jwt_extended import JWTManager
 from flask_cors import CORS
+from flask_principal import Principal
 
 migrate = Migrate()
 jwt = JWTManager()
 cors = CORS()
+principal = Principal()
@@ -5,6 +5,6 @@ class PermissionModel(db.Model):
 
     id = db.Column(db.Integer, primary_key=True)
     name = db.Column(db.String(), unique=True, nullable=False)
-    route = db.Column(db.String(), unique=True, nullable=False)
+    description = db.Column(db.String())
     roles = db.relationship("RoleModel", back_populates="permissions", secondary="role_permission")
 
@@ -4,7 +4,7 @@
 class UserModel(db.Model):
     __tablename__ = "user"
 
-    id = db.Column(db.Integer, primary_key = True) 
+    id = db.Column(db.Integer, primary_key=True) 
     username = db.Column(db.String(80), unique=True, nullable=False)
     password = db.Column(db.String(), nullable=False)
     block = db.Column(db.Boolean, default=False, nullable=False)